卷曲登录到应用程序不进行身份验证

时间:2015-02-16 09:20:23

标签: php curl

我尝试登录过一个webapp来检索特定文件,但我似乎无法在应用程序中进行身份验证,更不用说抓取文件了。

不确定如何解决此问题。认为它可能是隐藏的领域,但似乎没有将值传递给它们有所作为。

function gla_fetchlist() {

$username = 'xxx@xxx.com';
$password = 'xxxx';
$loginUrl = 'https://guestlistapp.com/login';


$content = file_get_contents('https://guestlistapp.com/login');

$doc = new DOMDocument();
$doc->loadHTML($content);
$tags = $doc->getElementsByTagName('input');
foreach ($tags as $tag) {
    if($tag->getAttribute('name') === 'authenticity_token') {
         $token = $tag->getAttribute('value');

    }
    if($tag->getAttribute('name') === 'utf8') {
         $utf8 = $tag->getAttribute('value');

    }
    if($tag->getAttribute('name') === '_method') {
         $method = $tag->getAttribute('value');

    }

}


$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $loginUrl);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, 'user='.$username.'&pass='.$password.'&authenticity_token='.$token.'&utf8='.$utf8.'&_method='.$method);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$store = curl_exec($ch);

echo $store;

}

以下是调试日志

* Re-using existing connection! (#0) with host guestlistapp.com
* Connected to guestlistapp.com (173.255.229.91) port 443 (#0)
> POST /login.php HTTP/1.1
Host: guestlistapp.com
Accept: */*
Content-Length: 130
Content-Type: application/x-www-form-urlencoded

* upload completely sent off: 130 out of 130 bytes
< HTTP/1.1 404 Not Found
< Server: nginx
< Date: Mon, 16 Feb 2015 16:04:26 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 666
< Connection: keep-alive
< Status: 404 Not Found
< Strict-Transport-Security: max-age=31536000
< X-Request-Id: ff28bda2e9db2e42f4a383f8c5a969d5
< X-Runtime: 0.008811
< X-Rack-Cache: invalidate, pass
< 
* Connection #0 to host guestlistapp.com left intact

0 个答案:

没有答案